Organisations can no longer afford to risk the financial and reputational impacts of a breach, which can be too much for a business to recover from.

That’s according to Mark Blower the national business manager of Networks & Security at Empired.

He says that IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.

While businesses still face threats from infected devices and malware, Blower explains that attackers have also moved beyond that.

“This means we are seeing an increase in compliance audits so that IT managers have something tangible to show senior management and boards,” he says.

“An ISO audit, for example, can demonstrate that organisations have the right policies, educated staff and the right security technology, and can enforce policies or report on people that are breaking their policies.”

According to Blower, the IT policy is a critical component of an organisation’s security strategy.

“IT managers need to have policies regarding which devices can connect, when they can connect, and how staff members can get approval to connect devices,” he says.

“Furthermore, they haven’t implemented the right policies from the start before taking on new technology.”

Blower explains that when under scrutiny, it can be tempting to just take on more technology - but this doesn’t necessarily address the problem and can create a mix of technology that follows different standards.

“To ensure they can prove their security measures are adequate, IT managers should conduct an audit to see where security is lacking and then invest to update any technology as appropriate to enforce these policies,” he says.

“Once this is in place it is important for IT managers to continually conduct audits to find issues, improve and remediate.”